我一直在努力解决这个问题。我正在尝试使用Rest-Client ruby gem来使用SSL证书来访问API端点。我确信服务器只响应TLSv_1_2和TLSv_1_1,但我似乎无法使其正常工作。 这是代码的片段:
resource = RestClient::Resource.new(
endpoint,
:ssl_client_cert => OpenSSL::X509::Certificate.new(File.read(config["cert"])),
:ssl_client_key => OpenSSL::PKey::RSA.new(File.read(config["key"])),
:ssl_version => :TLSv1_2,
:verify_mode => OpenSSL::SSL::VERIFY_PEER
)
response = resource.delete(:params => {:name => 'test'})
p endpoint + " | " + response.code.to_s
这就是我得到的:
/usr/local/rvm/rubies/ruby-2.2.1/lib/ruby/2.2.0/net/http.rb:923:in `connect': SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A (OpenSSL::SSL::SSLError)
from /usr/local/rvm/rubies/ruby-2.2.1/lib/ruby/2.2.0/net/http.rb:923:in `block in connect'
from /usr/local/rvm/rubies/ruby-2.2.1/lib/ruby/2.2.0/timeout.rb:74:in `timeout'
from /usr/local/rvm/rubies/ruby-2.2.1/lib/ruby/2.2.0/net/http.rb:923:in `connect'
from /usr/local/rvm/rubies/ruby-2.2.1/lib/ruby/2.2.0/net/http.rb:863:in `do_start'
from /usr/local/rvm/rubies/ruby-2.2.1/lib/ruby/2.2.0/net/http.rb:852:in `start'
from /usr/local/rvm/gems/ruby-2.2.1/gems/rest-client-1.8.0/lib/restclient/request.rb:413:in `transmit'
from /usr/local/rvm/gems/ruby-2.2.1/gems/rest-client-1.8.0/lib/restclient/request.rb:176:in `execute'
from /usr/local/rvm/gems/ruby-2.2.1/gems/rest-client-1.8.0/lib/restclient/request.rb:41:in `execute'
from /usr/local/rvm/gems/ruby-2.2.1/gems/rest-client-1.8.0/lib/restclient
from test.rb:47:in `<main>'
我一直在关注this一段时间,但它没有多大帮助。
答案 0 :(得分:1)
强烈建议使用顶级初始值设定项:
<强> CONF /初始化/ tls_settings.rb
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:ssl_version] = 'TLSv1_2'